SMART TRANSPORT FEATURE NEWS

The Drive Behind Smart Cars and the Security Movement

With hundreds of companies in the most populated cities, regions and countries in the world testing driver-enabled and driverless vehicles, and new smart car features being built into the latest models by the world’s largest car and truck manufacturers, it’s safe to say we’ve moved beyond the initial “hype” phase and are now in momentum mode.

A 2018 KMPG study reported that Automated Vehicles (AVs) are positioned to revolutionize how people live, work and play particularly in urban areas. With an in-depth view of what it takes for AVs to succeed and scale, The 2018 Autonomous Vehicles Readiness Index (AVRI) is a must-read overview of what it takes for countries to meet the challenges of self-driving vehicles and includes an evaluation of where 20 countries stand today.

The index evaluates each country according to four pillars that are integral to a country's capacity to adopt and integrate autonomous vehicles. These include: policy & legislation; technology & innovation; infrastructure; and consumer acceptance.

The analysts discovered that the Netherlands has the highest level of readiness for autonomous driving, with a score of 27.73 based on its modern infrastructure, supportive government, investment in technology and manufacturing and enthusiastic consumer and business adoption of electric vehicles.

Singapore comes second with a score of 26.08, with a landmark amendment to its Road Traffic Act last year which allowed self-driving cars to be tested on its streets.

The United States came in third, reporting over 160 US-based companies developing self-driving technology, and while it scored well in technology & innovation, it received very poor marks in the infrastructure category.

California is a leading state in car ownership and use and in developing legislation and infrastructure to support the future of connected cars. Dispersive Networks, a programmable networking company that makes it possible to spin up private, mission-critical networks over the public Internet, provided comments to the California Energy Commission on one very important intersection associated with plug-in electric vehicles (EVs) – their relationship to the power grid.

Responding to a call for public comments, Dispersive’s Chief Operating Officer, Richard Harrison, applauded the efforts of the California Energy Commission (CEC), California Air Resources Board (CARB), California Public Utilities Commission (PUC), and California Independent System Operator (CAISO) for coordinating under the leadership of the CEC to advance plans for integrating EVs with the power grid.

Dispersive is extremely familiar with the California power grid where its software is used to improve the security, resilience and performance of data sessions for transmitting telemetry and metering data. “We believe the multiple California agencies’ action in this manner is both timely and opportune, as growing EV sales and technological advancements are paving the way for vehicle to grid (V-G) models across the globe,” Harrison writes.

“This urgency around policy may be more acute in California than in most states, but that is merely a matter of time,” Dispersive’s public filing with the CEC says. “Utility commissions around the country are starting to grapple with this issue, and what California decides is likely to influence the rest of the country in developing the electric grids and transportations systems of the future.”

Harrison goes on to outline the importance of understanding and having a means to improve related cyber-security practices to “ensure safe data transfers from malicious attacks” and “advanced communication and hardware technology standardization and interoperability for the various communications technologies and pathways that will enable successful Vehicle-to-Grid (V-G) adoption at scale.”

AV, EV and V-G systems require ultra-secure, pervasive and resilient network connectivity in a massively mobile environment. The choice of communications solutions adopted will fundamentally enhance, or obstruct, achieving the goals for AV, EV and V-G systems, as well as the overall the goals of improving grid operations, reliability, and economic efficiency.”

Dispersive’s comments include high level “best practices” for V-G systems, which will be essential to any roll-out, in California, the US and elsewhere.

Real-time (or near real-time) visibility to all grid-connected assets that are potentially capable of being hacked is a critical necessity to safe operation of the grid.

It should be assumed from the outset that adversaries are continuously probing and reconnoitering the entire electric system in a constant search for weakest links. This activity includes both a search for possible points of intrusion and identification of potential capabilities to do harm.

As demonstrated in the twelve-month interval between the December 2015 and December 2016 cyber assaults on the Ukrainian grid, ‘blackhat’ capabilities are constantly evolving and improving, creating increasingly leveraged attack capabilities that can assault multiple targets simultaneously.

As the Department of Homeland Security warning of July 2018 indicated, hackers have likely penetrated multiple U.S. utility networks and are currently believed to be in a preparatory reconnaissance mode.

Networks of connected EVs - lacking appropriate cyber safeguards - with ability to create bi-directional flows of energy, could create considerable harm to the grid if hacked. With some EVs now deploying battery packs of 100 kWh, and buses at three times that size, the risk of instability and disruption may extend beyond the distribution utility level to the bulk power system. This would especially be the case if an extensive automated attack were to be simultaneously targeted across multiple targets.

An electric vehicle is a means of advanced, cleaner, and more efficient transportation. It is also a mobile storage asset that serves as a potential resource to the grid. At the same time, it is connected to multiple networks.

According a report by Next 10, a San Francisco-based think tank authored by F. Noel Perry and Adam Fowler, California has led the United States in EV adoption. As of October 2017, the state had 337,482 zero-emission vehicles (ZEV), a number that grew 53 percent between 2013 and 2017. This growth has helped position the state to hit its environmental targets, since transportation accounts for roughly 40 percent of the state’s carbon emissions.

Perry and Fowler believe California is likely to achieve its goal of 1.5 million electric vehicles on the road by 2025, as barriers to widespread electric car adoption continue to fall. In their “The Road Ahead for Zero-Emission Vehicles in California: Market Trends & Policy Analysis,” they cite as important trends the falling costs of batteries, changing regulations, investment in government fleets of EVs, and sizable investments by Ford, GM and other automotive companies in EV technologies. Meeting the goal of 5 million EVs operating in California set by Governor Jerry Brown, will require even more dramatic growth, including growth in sales of electric medium- and heavy-duty vehicles.

Transportation trends towards automation and increased usage of mobility services like Uber and Lyft is expected to rapidly expand the percentage of electric vehicles on the road, further increasing electricity demand, which will have significant impacts on infrastructure and will require upgrades to the energy system. The costs of these investments are likely to be low compared to the benefits. According to the California Public Utilities Commission, flexible EV charging can generate resource cost savings of $100-200 million per year for the power system, compared to unmanaged EV charging.

Even as these programs proceed, without securing the electrical grid and its relationship to supporting EVs, AVs and V-Gs, progress will slow down. Is there anything more terrifying than the thought of a massive hack on hundreds of thousands of vehicles? The impact of such an attack would be catastrophic.

Dispersive’s filing urges California lawmakers to put in place rigorous security requirements including the following:

Security must extend to all endpoints.

EV assets must be authenticated and authorized before they access the network.

The network must be micro-segmented. Unauthorized flows or frames intended for the secure portion of the network must be discarded.

IP addresses of assets must be invisible/blocked and EV asset to server relationships must be hidden.

Endpoints (including EV assets and servers) should not be discoverable by the adversary. The detection of one asset should not enable the detection of other assets.

All communications should be secured with NIST-recommended cryptographic algorithms only.

The network should implement an Authenticating Control Plane and an Authenticating Data Plane to minimize the attack surface and protect against DoS/DDoS, malware, and ransomware attacks.

“Vehicle to Grid communications represents the most significant networking challenge of our time. Both the electric grid and any mobile assets connected to it must be secure at all times from numerous classes of cyber threats. At the same time, V-G communications must be readily available and cost effective,” Harrison says.

Inspired by battlefield-proven wireless radio techniques, the Dispersive™ Virtualized Network is a disruptive programmable networking platform that enables EVs to securely connect to the grid across any kind of available network infrastructure, including the public Internet. Dispersive’s experience extends to a broad range of use cases in mission-critical industries, including financial services and military communications, as well as the electric power sector where Dispersive’s platform provides ultra-secure and ultra-resilient connectivity for SCADA transmissions between independent power producers and the California grid operator.

The IoT Evolution Expo, and collocated events, IoT Evolution Health, LPWAN Expo, The Smart City Event, and IIoT Conference, will take place Jan. 29 to Feb 1 in Ft. Lauderdale, Florida. Visit IoTEvolutionExpo.com to register now.